Disclaimer: I could not complie-test or runtime-test these patches right now. This is a pure code-only review of the patches.
This seems to be correct. I'd leave out the meaningless parenthesis though. return (TSS_BOOL) (memcmp(digest, &auth->HMAC, 20) != 0); Am Mittwoch, den 09.04.2014, 15:41 -0300 schrieb [email protected]: > From: Richard Maciel <[email protected]> > > Related to coverit CID 10255. > > Return value of memcmp was being converted to TSS_BOOL type before > being tested, thus possibly missing information (since it can return > an integer value != of zero, depending on the differences found). > > Signed-off-by: Richard Maciel <[email protected]> > --- > src/tspi/tsp_auth.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/tspi/tsp_auth.c b/src/tspi/tsp_auth.c > index 4a57ae7..5ee6f5d 100755 > --- a/src/tspi/tsp_auth.c > +++ b/src/tspi/tsp_auth.c > @@ -359,7 +359,7 @@ validateReturnAuth(BYTE *secret, BYTE *hash, TPM_AUTH > *auth) > memcpy(digest, &auth->HMAC, 20); > HMAC_Auth(secret, hash, auth); > > - return ((TSS_BOOL) memcmp(digest, &auth->HMAC, 20) != 0); > + return ((TSS_BOOL) (memcmp(digest, &auth->HMAC, 20) != 0)); > } > > void ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
